What's wrong with nodejs crypto decipher?


Problem description

I have the following encrypted data:

U2FsdGVkX1+21O5RB08bavFTq7Yq/gChmXrO3f00tvJaT55A5pPvqw0zFVnHSW1o

The password to decrypt it is: password

(it's the example from gibberish-aes: https://github.com/mdp/gibberish-aes)

In the command line using openssl:

echo "U2FsdGVkX1+21O5RB08bavFTq7Yq/gChmXrO3f00tvJaT55A5pPvqw0zFVnHSW1o" | openssl enc -d -aes-256-cbc -a -k password

The output is:

Made with Gibberish\n

With my NodeJS application:

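  var crypto = require('crypto');

  // Password-based API: the key and IV are derived from the password internally
  var decipher = crypto.createDecipher('aes-256-cbc', "password");
  var dec = decipher.update("U2FsdGVkX1+21O5RB08bavFTq7Yq/gChmXrO3f00tvJaT55A5pPvqw0zFVnHSW1o",
     'base64', 'utf8');
  dec += decipher.final('utf8');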

I get the following error, "TypeError: DecipherFinal fail", at the decipher.final line.

Am I missing something? Thanks.

Recommended answer

The encrypted data starts with an 8-byte "magic" indicating that there is a salt. Then the next 8 bytes is the salt. Now the bad news: Node.js does not seem to use the salt for the EVP_BytesToKey method:

int key_len = EVP_BytesToKey(cipher, EVP_md5(), NULL,
  (unsigned char*) key_buf, key_buf_len, 1, key, iv);

That NULL is the salt.

This has been verified using a Java test application (using the right salt) - the result string was returned.

Please leave out the salt using the OpenSSL -nosalt switch and try again.

[EXAMPLE]

OpenSSL CLI:

openssl enc -aes-256-cbc -nosalt -a -k password
owlstead
Mh5yxIyZH+fSMTkSgkLa5w==

NodeJS crypto:






[LATE EDIT] Note that using secret key derivation with a salt and large work factor may be paramount to security. You'd better use a very unique, high entropy password otherwise your encrypted data may be at risk.
